ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A financial services firm is implementing an email-based approval workflow for large wire transfers. Security policy mandates that the originator of each approval must not be able to later deny having sent it, and that auditors must be able to validate both the sender's identity and the message integrity months later. Which control BEST satisfies this non-repudiation requirement?
Record only a SHA-256 hash of each approval email in a secure, tamper-evident log.
Rely on the SMTP server's timestamp headers to prove when the approval message was sent.
Encrypt each approval email using a unique symmetric session key shared between the sender and the finance team.
Digitally sign each approval email with the sender's private key and make the matching public key available for verification.
Non-repudiation requires proof of origin and integrity that the sender cannot later dispute. A digital signature created with the sender's private key binds the signer's identity to the specific message hash; anyone with the corresponding public key can verify the signature at any time, detecting any alteration and proving who signed it. Symmetric encryption protects confidentiality but offers no verifiable link to a unique individual because the key is shared. Storing only a hash ensures integrity but carries no proof of authorship. Server-side timestamps show when a message passed through infrastructure, not who genuinely approved it, and they can be spoofed or challenged. Therefore, digitally signing each approval email with the sender's private key is the most effective way to achieve non-repudiation.
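The contrast drawn in the explanation, as an added example that is not part of the original question: a shared-key tag can be produced by the receiver as well as the sender, while a signature verifies with the public key alone and fails on any altered message. Assumptions: HMAC stands in for the shared-key option, textbook RSA over two fixed Mersenne primes stands in for a real signature scheme (such as RSA-PSS or Ed25519) and is not secure, and the messages, key and function names are constructed for illustration.

```python
import hashlib
import hmac

# Toy RSA key built from two known Mersenne primes: illustration only, NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                   # public key, published for auditors
D = pow(E, -1, (P - 1) * (Q - 1))     # private key, held by the approver only


def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Approver: textbook RSA signature over the SHA-256 digest (uses D)."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Auditor: needs only the public key (N, E), months later or not."""
    return pow(signature, E, N) == digest(message)


def shared_key_tag(message: bytes, key: bytes) -> bytes:
    """Shared-key proof: every holder of the key computes the same tag."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(message: bytes, tag: bytes, key: bytes) -> bool:
    return hmac.compare_digest(shared_key_tag(message, key), tag)


def evidence_report() -> dict:
    # Constructed sample messages and key.
    approval = b"From: approver@example.test\nApprove wire 1001 for 250000 USD"
    altered = b"From: approver@example.test\nApprove wire 1001 for 950000 USD"
    team_key = b"constructed-shared-session-key"

    # The finance team holds the same key, so it can tag a message the
    # approver never wrote; the tag cannot show which key holder made it.
    receiver_made_tag = shared_key_tag(altered, team_key)
    signature = sign(approval)
    return {
        "receiver_made_tag_accepted": verify_tag(altered, receiver_made_tag, team_key),
        "signature_valid_for_original": verify(approval, signature),
        "signature_valid_for_altered": verify(altered, signature),
    }


if __name__ == "__main__":
    for check, outcome in evidence_report().items():
        print(f"{check}: {outcome}")
```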
Security Concepts and Practices